Cyber security experts have issued a cautionary alert regarding a severe breach at the University of Nottingham, emphasizing the urgent need for educational institutions to fortify their defenses promptly.
This week, officials disclosed that students were left vulnerable due to a significant breach that could potentially disrupt the processing of exam results. Hackers infiltrated the system in late May, potentially compromising students’ personal and financial information.
In a communication to students, Jason Carter, the university’s chief governance and risk officer, revealed that a well-known cyber criminal group, suspected to be the ShinyHunters, may have gained unauthorized access to data within the Campus Solutions platform. The university promptly shut down the system for investigation, causing disruptions in exam grading processes.
Security experts from online firms have outlined the potential repercussions of the attack, expressing concerns that this incident at the University of Nottingham could be the catalyst for a series of similar attacks on other institutions. Raluca Saceanu, CEO of Smarttech247, stressed the importance of swift and coordinated responses in the face of such threats to prevent further breaches in the supply chain.
Lee Sult, Chief Investigator at Binalyze, emphasized that attackers often exploit vulnerabilities in the easiest targets. He highlighted the recent trend of cyber attacks on educational institutions, citing a ransomware attack on the Canvas software provider that affected numerous universities. Sult warned that the stolen financial data and National Insurance numbers could be utilized for future fraudulent activities by cybercriminal groups.
The University of Nottingham issued an apology to those impacted by the breach, acknowledging the seriousness of the incident. The university assured affected individuals that they are actively cooperating with authorities and conducting a thorough forensic investigation to address the breach. In the meantime, the university is providing support and guidance to affected students as more information becomes available.
An email sent to affected students urged vigilance against suspicious communications, especially requests for financial details. Jason Carter reiterated the severity of the breach, expressing regret and advising impacted individuals to change their passwords as a precaution.
Concerns were raised by a university staff member regarding the extent of compromised data and the potential disruptions to exam grading processes if the software issues persist. The University of Nottingham has reported the incident to the Information Commissioner’s Office and is closely working with law enforcement agencies to address the breach.
The National Crime Agency confirmed its awareness of the incident and is collaborating with partners to assess the impact of the breach, according to a spokesperson statement.